Hoping to make cloud computing more palatable for large-scale organizations, RightScale today announced a host of new security, management, and governance features for its cloud-management platform. Among the notable additions is support for single sign-on (SSO) and SAML; a reporting capability for granularly tracking cloud-resource usage and costs; and a pledge to ensure its library of ServerTemplates remain up-to-date and backwards-compatible for at least 18 months.

The improvements aim to help IT departments bring under their purview the cloud services that employees have already started using -- at times without IT's blessing or knowledge, according to Phil Cox, director of security and compliance at RightScale. Developers, for example, may open up Amazon Web Services accounts to test their code and expense it, rather than waiting what may feel like six to eight weeks for the server team to free up machines.

Not only does that unmanaged cloud activity expose organization to security threats; it can lead to unanticipated costs as different users, departments, and business units rack up cloud charges. "The current state of cloud computing is, it's a runaway train with lots of consumption occurring everywhere," said Michael Crandell, CEO at RightScale. "Companies are trying to get their arms around it, so as to continue to enable agile consumption but also to have some governance over it from a security perspective and also from a cost-tracking perspective."

That fact that security continues to be a sore point among companies contemplating cloud adoption is none too surprising considering the porous nature of the cloud. To that end, RightScale has added support for SSO, letting companies use their existing directory services or identity management products, including Active Directory and LDAP. RightScale said it now supports SAML (Security Assertion Markup Language), an industry standard that enables SSO. Additionally, the company has teamed up with Ping Identity to provide identity federation out of the box.

With the addition of support for SAML and SSO authentication, IT can now provision and manage users from a single location to control who can access which internal and external resources, according to Cox.

RightScale has also added an enterprise reporting capability, which IT can use to generate customized reports on usage and costs across multiple clouds, account, business units, applications, and functions. The aim here is to rein in costs by giving IT the power to charge departments for their cloud consumption. Users can tag cloud resources with department, application, type, or any other value they choose. Users also have the option to automatically schedule reports and export them for integration with internal accounting systems, according to RightScale.

Finally, RightScale announced what it dubs Long Term Support (LTS) for its ServerTemplates, which are pre-built, customizable templates for building multi-tier cloud architectures using common databases, applications, and Web servers. The ServerTemplates -- which can include complex scripts and Chef recipes -- aren't new; it's the LTS, which guarantees that RightScale will keep said templates patched and backwards compatible for 18 months.

The benefit here, according to RightScale, is to ensure that each time RightScale updates ServerTemplate -- say, for a new version of MySQL -- companies using the older version of MySQL could still use the new template without fear of their application breaking.